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A method and apparatus for providnig phy^cal 
security for a user account and supplying access to the 
environment and preferences associated with a particu- 
lar user are provided. An Internet terminal is coupled to 
a sender system. The Internet terminal detects die pres- 
ence of a smart card (705). The smart card includes a 
memory such as a programmable ROM (PROM), any 
form of erasable PROM (EPROM) cht Flash memory 
having sc<ml therein identificadon Information. The In- 
ternet terminal reads Qte identification information fmn 
ihe smart cards (715) and transmits the tdentificatlon in- 
formation to a server (720). According to another aspect 
of the present inventi<Hi an Internet tBrminal can he con- 
figured by a server. The server receives identificadon 
infonnation from an Internet terminal. The identifica- 
tion informatt(»i uniquely identifies a smart card (735). 
The server locates configuration infonnation associated 
widi a particular user of die server based upon the iden- 
tification Information. The configuration infoimatitm 
may include customer preferences for customizing die 
operation of die Internet terminal such as the type of 
(ai-«creen teyboaid pitsented by the internet teirninal, 
the font used by dte Internet tenninal for displaying text, 
background music options, and e-fnaO options. In any 
event, after locating die configuration infonnation, die 
server downloads die configuration information (750) to 
die internet tenninal. 
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MEraOD AND APPARATUS FOR PROVIDING PHYSICAL 
SECURITY FOR A USER ACCOUNT AND PROVIDING ACCESS TO 
THE USERS ENVIRONMENT AND PREFERENCES 

FIELD OF THE INVENTION 

The invention relates generally to the fidd of client-server computer 
networking. More particularly, the invention relates to a method and apparatus for 
providing physical security for a user account and supplying access to the enviroiunent 
and preferences associated with a particular user. 

BACKGROUND OF THE INVENTION 

The number of people using the Internet and the World Wide Web (the Web) 
has increased substantially in recent years. Some Internet users gain access to the 
services of the Internet and the Web through user accounts provided by their employer 
or an educational institution. Others access the Internet iGrom their home computers 
through accounts supplied by commercial Internet access providers such as America. 
Online™, CompuServe™ or the like. In any event, these accounts provide only a 
minimal amount of security against intrusion. Typical account security inchides merely 
a usemame and a password, typically both chosen by the user. 

One of the disadvantages of these typical Internet access accounts is the 
vukierability to invasion as a result of the poor security. For example, passwords can 
be cracked by password crack programs mploying password cracking dictionaries or 
by brute force password gues^g programs. Further, users are sometimes tridced into 
disclosing thdr account passwords. For example, individuals purporting to be support 
staff for a particular online service were able to convince subscribers to reveal their 
passwords. 

Internet access providers g^erally charge an hourly or monthly fee for a user 
account Due, at least in part, to the cost of such an account, maiiy people are still 
without access to the Intmiet and the Web. In fact, these costs may be incentive 
enough for some people to break into user accounts to gain access to the Int&net 
services such as chat and dectroiuc mail (e-mail). Others apparently find pleasure in 
gaining access to anoth^s account 
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Based on the foregoing^ it is desirable to provide more security for user 
accounts. Spedfically, it is desirable to provide a mobile mechanism of physical 
security. Also, it would be desirable for the host system to associate user preferences 
and envhronment with the physical security mechanism, thereby making the preferences 
and environment available to the user upon establishing a user session by way of the 
physical security device. 

SUMMARY OF THE INVENTIQN 

A method and apparatus for providing physical security for a user account and 
supplying access to the environment and preferences assodated with a particular user 
are described. An Internet terminal is coupled to a server system. The Internet terminal 
determines whether or not a smart card is present If so, the Internet terminal reads 
identification information firom a memory in the smart card and requests initiation of a 
user ses^on by transmitting the identification information to a server. Otherwise, if a 
smart card is not present, the Internet terminal requests initiation of a user session by 
transmitting an identifier that identifies the Internet terminal. In tlus manner, a user that 
is not associated with an Internet tenninal may bypass the normal log-in processing of 
the Internet terminal and request initiation of a user session with his/her smart card. 

According to another aspect of the present invention an internet tenninal can be 
configured by a server. The server receives identification information firom an Internet 
terminal. The identification information xmiquely identifies a smart card firom which tt 
was read. The serv^ locates configuration information associated with a particular 
user of the server based upon the id^tification mformation. After locating the 
configuration information, the server downloads the configuration information to the 
Internet terminal Advantageously, by emplo^g the smart card, the particular user's 
preferences are made available to the user upon establishmg a user ses^on fi-om 
another's Internet terminal. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The pres^ invention is illustrated by way of example^ and not by way of 
limhation» in the figures of the accompanying drawings and in which like ref^ence 
numerals refer to amilar dm^ts and in which: 
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Figure 1 illustrates several clients connected to a proxying server in a network. 
Figure 2 illustrates a client according to one embodiment of the present 
invention. 

Figure 3 is a block diagram of an Internet temiinal according to one 
embodiment of the present invention used to implement a Web bro^vser that can be 
operated by remote control. 

Figure 4 is a block diagram of a server according to one embodiment of the 
present invention. 

Figure S is a block diagram of a server system shovring relationslups between 
various services and correspondbig databases according to one embodiment of the 
present invention. 

Figure 6A illustrates an exemplary customer database record according to one 
embodiment of the present inventioa 

Figure 6B illustrates an exemplaiy favorites database record according to one 
embodiment of the present invention. 

Figure 7 is a flow diagram illustrating the establishment of an online user 
session according to one embodiment of the present inv^tion 

Figure 8 is a flow diagram illustrating service request processing according to 
one embodiment of the present invention. 

DETAILED DESCRIPTION 

A method and apparatus are described for providing physical security for a user 
accoimt and supplying access to the environment and preferences associated with a 
particular user. In the following description^ for the purposes of explanation, numerous 
spedfic details are set forth in order to provide a thorough understanding of the 
present invention. It will be apparent, however, to one skilled in the art that the present 
invention may be practiced withoiit some of these specific details. In other instances, 
well-known structures and devices are shown in block diagram form. 

The present invention includes various steps» which will be described bdow. 
The steps can be embodied in machine-executable instructions, whidi can be used to 
cause a general-purpose or special-purpose processor programmed with the 
instrucdons to pafonn the steps. Alternatively, the steps of the preset invaitbn might 
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be perfonned by specific hardware conq>onents that contmn hardwired logic for 
performing the steps> or by any combination of programmed computer components 
and custom hardware components. 

SYSTEM OVERVIEW 

The present invention may be included in a system, known as WebTV, for 
providing a user with access to the Internet WebTV and WebTV Networfcs are 
trademarks of WebTV Networks, Inc. of Palo Alto, California. A user of a WebTV 
client generally accesses a WebTV server via a direct-dial telephone (POTS, for "plain 
old telephone service**), ISDN (bit^ated Services Digital Network), or other similar 
connection, in order to browse the Web, send and receive e-mail, and use various other 
WebTV network services. The WebTV network services are provided by WebTV 
servers using software redding within the WebTV servers conjunction with software 
residing within a WebTV client. 

Figure I illustrates a baac configuration of the WebTV network according to 
one embodiment A number of WebTV clients 1 are coupled to a modem pool 2 via 
direct-dial, bi-directional data connections 29, which may be telephone (POTS, i,e., 
"plain old telephone service"), ISDN (Integrated Services Distal Network), or any 
other similar type of connection. Other connection mechanisms may be employed such 
as cable and satellite forward channels, for example. In any event, the modem pool 2 is 
coupled typically through a router, such as that conventionally known in the art, to a 
number of remote servers 4 via a conventional network infrastructure 3, such as the 
Internet The WebTV system also includes a Wd^TV server 5, vAidh spedfically 
supports the WebTV clients 1. The WebTV clients 1 eadi have a connection to the 
WebTV serv^ 5 dther directly or through the modem pool 2 and the Internet 3. Note 
that the modem pool 2 is a con^tional mod^ pool, such as those found today 
throughout the world providing access to the Internet and private netwoiks. 

Note that in this description, in order to fedlitate «q)lanation the Wd)TV 
server S is generally discussed as if it w^e a single device, and functions provided by 
the WebTV services are generally discussed as bdng p^ormed by such sbgle device. 
However, the WebTV saver 5 may actually comprise multiple physical and logical 
devices connected in a distributed architecture, and the various functions discussed 
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below wtech are provided by the WebTV services may actually be distributed among 
multiple WebTV server devices. 



AN EXEMPLARY CLIENT SYSTEM 

Figure 2 illustrates a WebTV client 1 according to one embodiment of the 
present invention. In this embodiment, the WebTV client 1 includes an Intern^ 
terminal ] 0 (hereinafter refOTed to as "the WebTV box 1 0**), an ordinary television set 
12. and a remote control 11. In an alternative embodimait of the present invention, the 
WebTV box 10 is built into the tdewsion set 12 as an integral unit. The WebTV box 
1 0 includes hardware and software for providing the user with a graphical uso* 
interfece, by which the user can access the WebTV network services, browse the Web, 
send e-mail, and otherwise access the Internet 

The WebTV client 1 uses the television set 12 as a display device. The WebTV 
box 10 is coupled to the televi^on set 12 by a video link 6. The video link 6 is anKF 
(radio &*equencyX S-video, composite video, or other equivalent {bim of video link. In 
the preferred embodiment, the client 1 includes both a standard modem and an ISDN 
modem, such that the communication link 29 between the WebTV box 10 and the 
server 5 can be either a telephone (POTS) connection 29a or an ISDN connection 29b. 
The WebTV box 1 0 receives power through a power line 7. 

The WebTV box 10 also includes a SmartCard slot 8 for recdving an optional 
SmartCard 9, The SmaitCard 9 may be a plastic card that mdudes a memory chip 13, 
for example. In one embodim^t, the memory chip 13 is pre-programmed with 
identification information for uniquely identi^g the SnmtCard 9. Pr^erably, the 
memory chip 13 is embedded within the SmartCard 9. Various semiconductor 
memories may be used for memory chip 13 such as a programmable ROM (PROI^, 
any form of erasable PROM (EPROM) or Flash memory. It will be recognized that 
numerous other storage devices are suitable for use as the memory dup 13. Since 
portability is important, preferably, the SmartCard 9 is the size of a typical credit card. 
In alternative embodiments, the SmartCard 9 may additionaQy include one or more 
microprocessors arid/or ad^tional memory chips such as a random access memory 
(RAM), fi)r exan^le. Further, to fadlitate reusability of SmartCards, the unique 
identification information may be generated by a centralized authority and previously 
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Stored SmartCard identification information may be overwritten. 

In the embodiment depicted, the user may operate remote control 1 1 to control 
the WebTV (Sent 1 in browsing the Wd), sending e-mail, and performing otho^ 
Internet-related foncdons. The Wd)TV box 10 receives commands from remote 
control 1 1 via an infixed (IR) communication link In alternative embodiments, the link 
between the remote control 1 1 and the WebTV box 10 may be RF or any equivalent 
mode of transmission. 

Figure 3 is a block diagram of the internal features of the WebTV box 10 
according to one embodiment of the present inv^tion. In this embodiment, operation 
of the WebTV client 1 is controlled by a central processmg unit (CPU) 21 which is 
coupled to an Application-Specific Integrated Circuit (ASIC) 20, The CPU 21 
executes software designed to implement features of the present invention. ASIC 20 
contains drcuitiy which may be used to implement certain features provided by the 
WebTV client 1. ASIC 20 is coupled to an audio digital-to-analog converter 25 which 
provides audio output to television 12. In addition, ASIC 20 is.coupled to a video 
encoder 26 which provides video output to televi^on set 12. An IR interface 24 
detects IR signals transmitted by remote control 1 1 and, in response^ provides 
corresponding electrical signals to ASIC 20. ASIC 20 is further coupled to a 
SmartCard mterface 31. The SmartCard interface detects the presence of a SmartCard 
such as SmartCard 9 and signals the ASIC 20 accordingly. A standard telephone 
modem 27 and an ISDN modem 30 are coupled to ASIC 20 to provide cormections 
29a and 29b, respectively, to the modem poo! 2 and, via the IntOTiet 3, to the remote 
servers 4. Note that the WebTV box 10 also may include a cable television modem 
(not shown). 

Also coupled to ASIC 20 is Read-Only Memory (ROM) 22, which provides 
storage of program code for implementing the ^plication software to be executed by 
the WebTV box 10. Note that ROM 22 may be a programmable ROM (PROM) or any 
form of erasable PROM (EPROM) or Flash memory. Also coupled to ASIC 20 is 
Random Access Mwnory (RAM) 23, A mass storage device 28 may optionally be 
provided and coupled to ASIC 20. The mass storage device 28 may be used to input 
software or data to the client or to download software of data recdved over networic 
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connection 29. The mass storage device 28 includes any suitable medium for storing 
machine-executable instructions, such as magnetic dislcs, optical disks^ and the like. 

AN EXEMPLARY SERVER SYSTEM 

The WebTV server 5 generally includes one or more computer systOTs 
genially having the architecture illustrated in Figure 4. It should be noted that the 
illustrated ardiitecture is only exemplaiy; the present invention is not constrained to 
this particular architecture. The illustrated architecture includes a central processing 
unit (CPU) 50, random access memory (RAM) 51, read-only memoiy (ROI^ 52, a 
mass storage device 53, a modem 54, a network interface card (NIC) 55, and various 
other input/output (I/O) devices 56. Mass storage de^dce 53 includes a magnetic, 
optical, or other equivalent storage medium. I/O devices 56 may include any or all of 
devices such as a display monitor, ke^^oard, cursor control device, etc... Modem 54 is 
used to communicate data to and from remote servers 4 via the Internet. 

As noted above, the WebTV server 5 may actually comprise multiple physical 
and logical devices connected in a distributed architecture. Accordingly, NIC 55 is 
used to provide data communication with other devices that are part of the WebTV 
services. Modem 54 may also be used to communicate with other devices that are part 
of the WebTV services and which are not located in close geographic proximity to the 
illustrated device. 

EXEMPLARY SERVICES. DATABASES. CUSTOMER PREFERENCES. 
AND ENVIRONMENT 

As shovm in Figure 5, a WebTV server 5 may provide a number of services 
such as a setup service 510, a log-in service 515, a fevorites service 520 and a ntiail 
sendee 525. Each service may be associated with one or more persistent databases 
where customer mfbrmation may be stored sudi as customer preferences related to the 
particular service. Note the spedfic choice of services and databases for this example is 
illustrative only. In this example, a setup database 530 is associated with the setup 
service 510, a customer database 540 is associated with the log-in service 5 15, a 
favorites database 545 is associated with the fevorites sorvice 520, and a mailbox 350 
and an address book database 555 are associated with the mail service 525. In 
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alternative embodiments* more or less services and databases may be provided. Also, 
while these services are shown as being provided by a single WebTV server 5, it 
should be appreciated that the services and databases may be distributed among one or 
more servers. 

In this embodiment, the log-in service 515 is used specifically to control initial 
logon procedures by a client 1. The log-in service 515 has exclusive access to the 
customer database 540. As will be discussed fimher with respect to Figure 6A, the 
customer database 540 may store various information pertaining to each authorized 
user of a client 1 such as a unique customer id, and other information used to control 
certain features relating to access privileges and capabilities of the user. This 
information may be used to regulate initial access to the WebTV service during the 
establishment of a user session, as well as to facilitate access to the individual services 
provided by the WebTV service. 

The setup service 510 provides the user with the ability to customize the 
operation of the WebTV box 10. An exemplary set of customer preferences may 
include the following: the type of on-screen keyboard presented by the WebTV box 
10; the font used for displaying text on the display device 12; background mmo 
options, and e-mail options. With respect to the on-screen keyboard, theus«-may 
indicate his/her preference between a traditional keyboard (e.g., QWERTY) or an 
alphabetical keyboard (e.g. a, b, c, d, etc.), for example. Regarding the font used for 
displaying text, the user may indicate preferences relating the font size such as smaQ, 
medium, or large font size. With respect to background music options^ the user may 
choose whether background music is enabled or disabled and if enabled, the prefened 
type of background music may be selected. E-mail preferences may include the listing 
order of e-mail messages (e.g., newest to oldest, oldest to nev/est, etc.), a text 
signature to be appended to outgoing e-mail messages, and addressing options (e.g, 
whether a carbon copy line should be included on outgoing e-mail messages). These 
customer pref^ences may be maintained by the setup service 510 and made available 
to the W*TV box 10 when a usier session is established. For example, to help the user 
feel at home while connected to the WebTV service through another's WebTV box 10, 
the customs preferences associated with the particular user may be downloaded to the 
WebTV box 10 from the setup service 510 when a user session is established. The 
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customer preferences for each user may be conveni^tly stored in a database sach as 
the setup database 530. The preferences may be accessed from the database u^ng a 
unique customer id assodated with the user, for &cample. Such a unique id may be 
stored in the customer database 540 as discussed finther with respect to Figure 6A 

Having described customer preferences related to the operation of the WebTV 
box 10, exemplary dements of a user's environment will now be described. The 
environment may include preferences and other data related to a particular user's 
account. In this embodiment, information regarding a particular user's environment b 
also maintained in one or more persistent databases on one or more WebTV servers 5, 
An exemplary user environment may include information pertaining to fevorite Web 
pages and/or e-mail such as stored or newly received e-mail messages 
and an e-mail identifier. 

In the embodiment depicted, the favorites service 520 tracks a user's favorite or 
preferred Web pages. Each user may have an individual fiivorites list. Essentially, the 
favorites service 520 acts as a bookmark &cility allowing the user to mark certain 
favorite Web pages. Further, the favorites service 520 provides a way to jump to those 
favorite Web pages. When a user indicates a Web page being displayed is a "favorite," 
it is added to the user's list of favorites and stored in a database such as the favorites 
database 545. Additionally, the favorite Web pages may be oi^ganized into user-defined 
categories. For example, a user might have a set of favorite pages including Web pages 
pro^nding real-time stock quotes, portfolio valuations, and finandal news grouped in a 
category labeled "finandal informatioa" Like the setup database 530, the favorites 
database 545 may be organized by customer id. An exemplary &vorites database 
record will be discussed below. 

The mail service 525 provides functions to support sendmg and retrievbg 
e-mail. The mailbox 550 may store a list of new e-mail and a list of stored e-mail for 
each user. The mailbox 50 may be organized by the user's e-mail identifier or by 
customer id. Each user may maintain e-mail address lists m an address book database 
555. As above, the email address lists stored m the address book database 555 maybe 
accessed by the user's customer id. Each e-mail address list record may contain an 
e-mail address for an individual and a name to be assodated with the address, for 
example. 
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A TYPICAL LOG^IN SCENARIO 

A typical log-in scenario involves a client 1 requesting access to the WebTV 
service by transmitting an embedded silicon id that uniquely identifies the WebTV box 
10 to the log-in service 515. Therrfbre, the WebTV box 10 itself serves as one level of 
physical security. A user's account cannot be accessed without at least his/her WebTV 
box 10 or SmartCard 9. A SmartCard 9 log-in scenario is discussed below. 

In any event, upon receiving the silicon id, the log-in service 515 consults the 
customer database 540 to determine if access to the server 5 by this particular WebTV 
box 10 is authorized. Assuming access is authorized, tfie log-in service 515 determines 
the user(s) associated with the WebTV box 1 0 and transmits a log-in screen which is 
presented to the user by the WebTV box 10 via the display device 12. The log-in 
screen displays the usemames of the authorized users of the WebTV box 1 0. WTien the 
us^ selects one of the displayed usemames and enters an optional password associated 
with his/her account, a log-on request is transmitted to the log-in service 5 1 S. In 
response to the log-on request by the WebTV box 10, the log-in service SIS consults 
the customer database 540 to verify the user password. 

TICKET GENERATION 

Assuming the correct password has been entered by the user, the log-in service 
20 515 proceeds to retrieve information pertaining to the particular user &3m the 

customer database 540. The log-in serwce 515 then generates a "ticket** 560, which is 
an information packet including the retrieved information. The ticket 560 is then 
provided to the WebTV box 10 that requested access. The ticket 560 includes 
information identifying the access privileges of a particular user with respect to 
25 services provided by the server 5. For example, the ticket 560 may include the 

usemame of the user operatbg the client 1, the real name of the us^, the customs id 
associated ^th the user, and any filtering requested by the user with respect to 
viewing Web ates. As will be discussed further below, when the user makes a service 
request (e.g., a request to access to one of the services), the client 1 may submit a copy 
30 of the ticket 560 to that savice. 
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AN EXEMPLARY CUSTOMER DATABASE RECORD 

Figure 6A illustrates an exemplary customer database record according to ooe 
embodiment of the present invention. In this example, each record in the customer 
database 540 includes a silicon ID 60S, a collection of subscriber informaUon 610, a 
5 customer ID 615, a usemame 620, a password 625, a SmartCard ID 630, and a 

SmartCard password 635. As discussed above, the silicon ID 605 is an identifier such 
as a serial number that uniquely identifies a particular WebTV box 10, Because 
multiple users may share a WebTV box 10, in this embodiment, there is a one-to-many 
relationship between the silicon ID 605 and the fields assodated with a particular user. 

10 The subscriber information 610 may include such information as adnunistrative and 

billing data for a particular user including the user's real name, a credit card number, 
the user's address and phone number, etc. The customer ID 61 5 is an identifier such as 
a serial number that uniquely identifies a particular user of the WebTV service The 
usemame 626 is a name the user has chosen to associate with his/her account. The 

15 usemame 626 may serve as the user's e-mail identifier within a particular domain. For 

example, a user having the usemame "merlin" might have an e-mml address of 
merlin@webtv.net. The password 625 is optional, if a user chooses to assign a 
password to his/her account, then the WebTV service will require its entry upon log-in 
and perform appropriate validation before generating the ticket 560. The SmartCard 

20 ID 630 is also optional. Preferably, a separate SmartCard password 635 is associated 

with the SmartCard ID 630. However, the password 625 may be used for both the user 
password and the SmartCard password 635. 

In any event, if a user has associated a SmartCard 9 with his/her account, then 
identification information stored on the SmartCard 9 such as an identificadon number 

25 for imiquely identifying the SmartCard 9 may be stored m a field in the customer 

record assodated with that user such as the SmartCard ID 630. In this manner, a 
translation may be performed from a particular SmartCard ID 630 to a customer ID 
615, thereby allo>mng the WebTV service to identify a particular user at !og*in and 
produce a ticket 560 without reference to the silicon 605 of the user's WebTV box 1 0. 

30 Therefore, as vnXL be discussed further below, one advantage of associating a 

SmartCard 9 with a given user customer record in the customer database 540, is that 
the us^ can log-in to the WebTV s^ce finom any available client 1 such as one that 
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might be provided by a hotel in each of its rooms for the benefit of its patrons. Thus, 
the user is not limited to logging in to the WebTV service Scorn his/her WebTV box 1 0. 
Additionally, as will be explained fiirther below, the user will automaticaOy have access 
to his/her pieferences such as those stored in the setup database 530 and his/her 
environment such as favorites and e-mail upon establishing a user session with a 
SmartCard 9. 



AN EXEMPLARY FAVORITBS DATABASE RECORD 

Hgure 6B illustrates an exemplary fevorites database record according to one 
embodiment of the present invention. In this example, each record m the favorites 
database S4S includes the customer ID 61 S, a list of favorite uniform resource locators 
(URLs) 645, a list of favorite titles 650 each title corresponding to a URL in a list of 
favorite URLs 645, and a list of favorite thumbnails 655 each thumbnail corresponding 
to a particular URL in the list of favorite URLS 645. The list of favorite URLS 64S is 
a list including one or more URLS the user has de^gnated as a '^fevorite." When the 
user dedgnates a Web page as a favorite site, the URL of the Wd) page is stored in the 
list of favorite URLS 645 associated with the customer id 615 of the user. In this 
embodiment, a titie of the Web page is also stored in the list of favorite titles 650. 
Further, a thumbnail image of the Web page may be stored in the list of favorite^ 
thumbnails 655. In this manner, when the user requests his/her fevorite URLs, they 
may be graphically depicted with thumbnail images and tides. To jump to a fevorite 
Web page, the user may select a thumbnail image corresponding to the Web page 
he/she desires. The server 5 may then request the URL associated with the thumbnail 
image selected. 

SMARTCARD LOGwIN 

In the log-in scenario discussed above^ a silicon id associated ^th the user's 
WebTV box 10 was used to access the customer database 540 to generate the ticket 
560. However, ins^on of the SmartCard 9 inhibits the normal log-in processing 
sequence that involves the WebTV box 1 0 transmitting its silicon id to the log-in 
service 515» th^eby allowmg a user session to be initiated by someone other than the 
users assodated with the particular the WebTV box 10. Rather, when a user logs into 
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the WebTV service using a SmartCard 9, idendfication tnfonnation stored on the 
SmartCard 9 is used to initially access the customer database 540 rather than the 
^ficon id of the particular WebTV box 10 employed. The log-in service 515 may 
search the customer database for a SmartCard ID 630 matching the identification 
5 information provided during log-in. Upon finding the appropriate customer record, the 

log-in service 515 can retrieve the customer ID 615 corresponding to the identificadon 
information. Once the log-in service 515 has determined the customer ID 615 
associated vnth the SmartCard 9, ticket generation may proceed as discussed above. 
Figure 7 is a flow diagram illustrating the establishment of an online user session 

10 according to one embodiment of the present invention. At step 705, the WebTV box 

10 detects the presoice of a SmartCard 9. that has been inserted into the SmaitCani 
slot S. For sample, SmartCard interface 3 1 may detect the presence of the SmartCard 
9 and generate an input event. 

At step 710, input processing is performed. In this embodiment, the WebTV 

15 box 10 may be in one of two high level states: powered down or powered up. When 

the WebTV box 10 is powered up, it may be sleeping or awake. In the powered up 
state, the WebTV box 10 may additionally be either disconnected or connected. In the 
powered down sUte, power may be Ifanited to the particular circuitry of the WebTV 
box 10 necessary to detect input events such as those indicating the power button has 

20 been depressed or indicating the insertion of a SmartCard 9. In the sleeping state, a 

screen-saver may be active to prevent damage to the display device 1 2. In the 
disconnected state, the Wd)TV box is not in communication the WebTV Service. In 
the connected state, the Wd)TV box 10 is in communication with the WebTV Sendee 
and may additionally have a ticket 560 stored in RAM 23. The mput processing may 

25 include transitioning from the current state to a new state. For example, if the WebTV 

box 1 0 is in the powered down state vAen the SmartCard 9 is detected the WebTV 
box 10 may transition to the powered up state. Moreover, when the SmartCard 9 is 
detected, the sleeping state may pve w^ to the awake state (e.g., the sareen-savo- 
may be deactivated). 

30 At step 715, the identification information is read from the SmartCard 9. 

Subsequently, at step 720, the identification information is transmitted to a server 5 
such as a server provicfing the log-in service"), 515. 
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At step 725, the log-in service 515, with refoence to the customa^ database 
540, detennines if the identification information is associated with an authorized user 
of the WebTV Service. If the identification information is not found, processing 
continues with step 730, Otherwise, if the identification information is foiindl, 
processing continues with step 735. 

. At step 730, the SmartCard 9 identification information is not currently 
assodated with a customer record in the customer database 540. At this point, the user 
may choose to have the log-in service 515 p^orm SmartCard 9 initialization 
processing The initialization processing may include storing the SmartCard 9 
identification information in the SmartCard ID 630 of the customer record 
corresponding to the user. In this manner, during subsequent SmartCard 9 log-in 
attempts, the identification information will be found in step 725. 

At step 735, the identification information has been found in a customer record. 
The log-in service 515 may require entry of a password before a ticket 560 is 
generated, if a password is associated with the SmartCard 9. If the identification 
information is not authenticated by the correct password, log-in will denied and no 
user session vsoU be established. However, if the correct password is entered, a ticket 
560 will be generated as described above and transnutted to the client 1 at step 740. 

At step 745, the cBent 1 receives the ticket 560 and stores it for fixture service 
access requests. The ticket 560 may be stored in a memory of the WebTV box 1 0 such 
as RAM 23. 

At step 750, configuration information is downloaded to the client 1 . 
Configuration information may bclude customer preferences assodated with the 
particular user. The configuration information may be usefiil for tailoring certain 
operations of the internet terminal to the liking of a particular user. As discussed 
above, the setup service 510 may retrieve the customer preferences from a database 
such as the setup database 530 using the customer id in the ticket 560. At step 760, the 
cfient may store the client configuration information in a memory of the WebTV box 
10 such as RAM 23. 

Advantageously, the assodation of a SmartCard 9 with a user account pro^ades 
a mobile mechanism for accessing the account while maintaining physical security. 
Additionally the SmartCard 9 makes the user's preferences and environment accessible 
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even when the user logs in to the WebTV service from a WebTV box 10 otha* than 
his/her ovnt For example, after the configuration information is downloaded in step 
750, the particular WebTV box 10 employed will act in accordance with the user's 
previously established customer preferences. 

5 

SERVICE REQUEST PROCESSING 

Figure 8 is a flow diagram illustrating service request processing according to 
one embodiment of the present inventioa In this embodiment, when the user makes a 
service request, the client 1 submits a copy of the ticket 560 to that service. The 
1 0 requested service may then determme from the copy of the ticket 560 whether access 

to that service by the user is authorized and, if so, any important information relating 
to such access. Further, information in the copy of the ticket 560 may beusefiil for 
fadlitating the processing of the user's particular service request. 

At step 810, a service request and a copy of the ticket 560 are transmitted to a 
15 server 5 such as one providing the mail service 525. The ticket 560 may have been 

generated in response to dther the typical log-m scenario (i.e., the user logging in from 
his/her WebTV box 10) or the SmartCard log-in scenario (e.g., the user logging in 
from the WebTV box 10 of another). 

At step 820, the server 5 processes the service request with reference to the 
20 infi)Tmation stored in the ticket 560. For example, if the service request is to view new 

email messages, the mail service 525 may use the e-mail identifier in the ticket 560 to 
retrieve the user's e-mail from the mailbox 550. 

At step 830, the server 5 transmits the results of the service request to the 
client 1, For example, the server 5 may compose a page of Hypertext Markup 
25 Language CETTML) inchiding a list of newly received e-mail messages, in response to a 

user request to read his/hor mail. 

Thus, it should be q)preciated, the WebTV service will respond to service 
requests in the manner defined by the user's environment whether the user has 
logged-in to the WebTV ser\dce from Ma/her WebTV box 10 or from another WebTV 
30 box 10 employing a SmartCard 9. 

In the forgoing spedfication, the invention has been described with reference 
to spedfic embodiments thereof It will, however, be evident that various modifications 
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and changes may be made thereto without depaiting from the broader spirit and scope 
of the invention. The specification and drawings are, accordingly, to be regarded in an 
illustrative rather than a restrictive sense. 
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What is dauxied is: 

1. A method of uutiatbg session with a server system fiom an mtemet terminal 
coupled to the server syst^ the method compri^g the steps of: 

an internet terminal determining \^ether or not a smart card is present; 
if the smart card is present, then the internet terminal requesting initiation of a 
. user session by reading identification information from a memory of the 
smart card, and transmitting the identification information to a server; 
and 

if the smart card is not present, then the internet terminal requesting iintiation 
of a user session by transmitting an identifier that identifies the internet 
terminal. 

2. The method of claim !, fiirther indutfing the steps of 

the server determining that the identification information is assodated with an 

authorized user of the server, and 
the sCTver processing a service request from the internet terminal according to a 

user environment assodated with the authorized user. 

3. The method of claim 2, wherein the server has access to a customer database, 
the customer database having stored therem a plurality of customer records, the step of 
the server determining that the identification information is associated voth an 
authorized us&r of the server fiirther inchides the steps of; 

the server locating a customer record of the plurality of customer records that 
is assodated with the identification information by searching the 
customer database with the identification information, the customer 
record including at least a smart card identifier, a customer id^tifi^, a 
first password; and 

the server verifymg a second password recdved firom the client matches the 
first password. 

4. The method of claim 3, wherein prior to the step of the senrar procesang a 
service request Srotn the internet terminal according to a user environment assodated 
with the smart card the method fiirther indudes the stq)s of: 

the server generating a ticket for use in acces^g various services, the ticket 
including insinuation from the customer record; 
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the server transmitting the ticket to the internet tertninai; and 
the internet terminal storing the ticket. 

5. The method of claim 4, further inclucfing the steps of: 

the internet terminal transmitting the ticket with a service request; and 
the server processing the service request with reference to the information 
stored within the ticket 

6. The method of claim 5, \^erem the service request is for a list of favorite web 
^tes, wherein the information stored within the tidcet includes a customer identifier, 
the step of processing the service request with reference to the information stored 
within the ticket further includes the step of retrieving the list of favorite wdb sites 
based upon the customer identifier. 

7. The method of claim 5, wherdn the service request is for a list of electronic 
mail, wherem the information stored within the ticket includes an electronic 
mail identifier, the step of processing the service request with reference to the 
information stored within the ticket further includes the step of retrievmg the 
list of electronic mail based upon the electronic mail identifier. 

8. The method of daim 2^ fiirther induding the steps o£ 

the server locating configuration assodated with the authorized user of 
the server based upon the identification information; and 

the server downloading the configuration information to the internet 
terminal. 

9. The method of daim 8, wherein the configuration information includes 
information identifying one or more background music preferences. 

10. The method of daim 8, wherein the configuration information include 
information identifying one or more font preferences. 

1 1 . The method of daim 8, wherdn the configuration information indudes 
information identifying one or more on*screen keyboard preferences. 

12. The method of claim 8, wherdn the configuration information inchides 
information identifying one or more dectronic mail preferences. 

13. The method of daim 1, wh^ein the Internet tenmnal has a current state, and 
the method further indudes the step of the Internet tenmnal performing input 
procesang based upon the current state. 
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14. The method of claim 13, wherein the $tep of perfbnrang input procesang based 
upon the current state further includes the step of the Internet terminal opening a 
connection with the server if the current state of the Internet terminal disconnected. 

15. The method of daim 13, wherein the step of performing input processiiig based 
upon the cunmt state fiirther includes the step of the Internet terminal powering itself 
up if the current state of the Internet terminal is powered down. 

16. The method of cldm 13, wherein the step of performing input processing based 
upon the current state further includes the step of the Internet temunal waking up by 
suspending the screen-saver if the current state of the Internet terminal is sleq)ins. 

1 7. A method of configuring an Internet terminal, the Internet terminal coupled to 
a server system, the method including the steps of: 

a server receiving identification information fiom an Internet termnal, the 
identification information uniquely identifying a smart card; 

the server locating configuration information assodated with a particular user 
of the server based upon the identification information; and 

the server downloading the configuration information to the Internet terminal. 

1 8 . The method of claim 1 7, wherein prior to the step of a server receiving 
identification information fi^^om an Internet terminal the method further indu&ig the 
steps of: 

the Internet terminal reading identification information fi'om a senuconductor 

memory of the smart card; and 
the Internet terminal transmitting the identification information to the server, 

1 9. The method of cimm 1 7, wherein the configuration is for tailoring one or more 
operations of the Internet terminal to the particular user. 

20. The method of clmm 17, ^erdn the configuration information indudes 
information id^tifying one or more badcground nrnsic preferences 

21. The method of claim 17, wherdn the configuration information indudes 
information identifying one or more font preferences. 

22. The method of clann 17, wherein the configuration information indudes 
information identifying one or more on-screen keyboard preferences. 

23 . The method of daim 17, i^erdn the configuration infiDrmation includes 
information identifying one or more electronic mail preferences. 
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24. A method of establishing an online user sesaon with a server system from an 
Internet terminal coupled to the server system, the method comprising the steps o£ 

the Internet teiminal detecting the presence of a smart card, the smart card 
including a memory having stored therdn identification information; 

the Internet terminal reading the identification information fiom the smart card; 

the Internet terminal transmitting the identification information to a server, 

the server locating user account irifoimation based upon the identification 
information; and 

responding to subsequent service requests fi-om the internet terminal in a 

manner determined by an enviroimient assodated with the us^ account. 

25. The method of claim 24, wherein the environment associated with the user 
account mcludes a set of favorite web sites, and the step of responding to subsequent 
service requests firom the internet terminal in a manner determined by an environment 
associated with the user account further includes the steps of: 

the Internet terminal making a request for favorite web ^tes^ and 
responsive to the request, the senrer transmitting a set of favorite web sites 
associated with the user account. 

26. The method of claim 24, wherem the environment assodated with the user 
account includes a set of electronic mail addresses. 

27. The method of claim 26, the method fiirther induding the steps of: 

the Internet terminal making a request to compose an electronic mail message; 
and 

responsive to the request, the server transmitting information includmg the set 
of dectronic mail addresses. 

28. The method of claim 24, wherdn the predefined environment associated with 
the authorized us^ includes an electronic mail identifier by which dectronic mail can 
be received firom the Internet 

29. The method of daim 28» wherein the predefined environment associated with 
the authorized user includes a set of electronic mail messages addressed to the 
dectronic mail identifier. 
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